Lucene search
+L

124 matches found

osv
osv
added 2026/06/08 9:30 a.m.6 views

OPENSUSE-SU-2026:20918-1 Security update for salt

This update for salt fixes the following issues: Security fixes: - CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service bsc1259554 Other changes in salt: - Use non vendored tornado with Python 3.11 bsc1257583, bsc1259700 - Harden Tornado fro...

8.7CVSS7.3AI score0.00375EPSS
Exploits0References7
wizblog
wizblog
added 2026/06/04 2:19 p.m.23 views

AI Threat Readiness Pillar 1: Reduce Critical Exposures & Scan with AI

Diving into the first pillar of the AI Threat Readiness Framework and how Wiz helps...

5.8AI score
Exploits0
osv
osv
added 2026/06/03 2:21 p.m.6 views

SUSE-SU-2026:2257-1 Security update for salt

This update for salt fixes the following issue: Security issues fixed: - CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service bsc1259554. Other updates and bugfixes: - Use non vendored Tornado with Python 3.11 bsc1257583, bsc1259700 - Harden...

8.7CVSS7.1AI score0.00375EPSS
Exploits0References8
osv
osv
added 2026/06/03 2:20 p.m.7 views

SUSE-SU-2026:2256-1 Security update for salt

This update for salt fixes the following issue: Security issues fixed: - CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service bsc1259554. Other updates and bugfixes: - Use non vendored Tornado with Python 3.11 bsc1257583, bsc1259700 - Harden...

8.7CVSS5.8AI score0.00375EPSS
Exploits0References8
osv
osv
added 2026/06/03 2:19 p.m.15 views

SUSE-SU-2026:2255-1 Security update 5.0.8 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: - Security issues fixed: - CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 - CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer...

9.8CVSS7AI score0.00704EPSS
Exploits0References13
suse
suse
added 2026/06/03 2:19 p.m.6 views

Security update 5.0.8 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...

8.7CVSS7.5AI score0.00704EPSS
Exploits0References26
osv
osv
added 2026/06/03 2:16 p.m.8 views

SUSE-SU-2026:2252-1 Security update for salt

This update for salt fixes the following issue: Security issues fixed: - CVE-2026-31958: python-tornado: parsing large multipart bodies with many parts can cause a denial of service bsc1259554. Other updates and bugfixes: - Use non vendored Tornado with Python 3.11 bsc1257583, bsc1259700 - Harden...

8.7CVSS5.8AI score0.00375EPSS
Exploits0References8
suse
suse
added 2026/06/03 2:14 p.m.8 views

Security update 5.0.8 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...

8.7CVSS7.5AI score0.00704EPSS
Exploits0References26
suse
suse
added 2026/06/03 2:13 p.m.8 views

Security update 5.0.8 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...

8.7CVSS7.5AI score0.00704EPSS
Exploits0References26
suse
suse
added 2026/06/03 2:11 p.m.9 views

Security update 5.0.8 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...

8.7CVSS7.5AI score0.00704EPSS
Exploits0References26
suse
suse
added 2026/06/03 1:34 p.m.8 views

Security update 5.0.8 for Multi-Linux Manager Client Tools, Salt Bundle and Salt

This update fixes the following issues: golang-github-prometheus-nodeexporter: Version 1.10.2: meminfo: Fix typo in Zswap metric name Version 1.10.1: filesystem: Fix mount points being collected multiple times filesystem: Refactor mountinfo parsing bsc1261810 meminfo: Add Zswap/Zswapped metrics...

8.7CVSS7AI score0.00704EPSS
Exploits0References36
osv
osv
added 2026/06/03 12:59 p.m.6 views

SUSE-SU-2026:21993-1 Security update for salt

This update for salt fixes the following issues: - Security issues fixed: - CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 - Other updates and bugfixes: - Use non vendored Tornado with Python 3.11 bsc1257583, bsc1259700 -...

8.7CVSS7.3AI score0.00375EPSS
Exploits0References8
osv
osv
added 2026/06/03 12:33 p.m.4 views

SUSE-SU-2026:21990-1 Security update 5.0.8 for Multi-Linux Manager Client Tools, Salt Bundle and Salt

This update fixes the following issues: golang-github-prometheus-nodeexporter: - Version 1.10.2: meminfo: Fix typo in Zswap metric name - Version 1.10.1: filesystem: Fix mount points being collected multiple times filesystem: Refactor mountinfo parsing bsc1261810 meminfo: Add Zswap/Zswapped metri...

9.8CVSS6.7AI score0.00704EPSS
Exploits0References19
susecve
susecve
added 2026/05/14 3:9 a.m.40 views

SUSE CVE-2023-43631

On boot, the Pillar eve container checks for the existence and content of “/config/authorizedkeys”. If the file is present, and contains a supported public key, the container will go on to open port 22 and enable sshd with the given keys as the authorized keys for root login. An attacker could...

8.8CVSS7.3AI score0.00159EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/04/15 12:0 a.m.8 views

PT-2026-33010

🔒 CyberSecurity CVE-2024-44738 & CVE-2024-44337: n8n Workflow Automation Critical Flaws — Detec… "Security Arsenal’s analysis of the recent Pillar Security disclosure regarding n8n…" 🔗 https://t.co/U8qg6uYpWr CyberSecurity ThreatIntel alertfatigue triage alertmonitor...

5.1CVSS6.6AI score0.00501EPSS
Exploits1References1
mssecure
mssecure
added 2026/03/19 7:0 p.m.8 views

New tools and guidance: Announcing Zero Trust for AI

Over the past year, I have had conversations with security leaders across a variety of disciplines, and the energy around AI is undeniable. Organizations are moving fast, and security teams are rising to meet the moment. Time and again, the question comes back to the same thing: "We're adopting A...

5.9AI score
Exploits0
osv
osv
added 2026/02/04 9:36 p.m.6 views

GHSA-4C4V-42HC-72P6 EVE's Debug Functions Unlockable Without Triggering Measured Boot

Impact On boot, Pillar checks for /config/GlobalConfig/global.json and overrides system configuration if present. This allows enabling debug functions like SSH debug.enable.ssh, USB keyboard debug.enable.usb, and VNC access app.allow.vnc without triggering the measured boot. Thus, a user with...

5.9CVSS5.2AI score0.00159EPSS
Exploits0References7
ptsecurity
ptsecurity
added 2026/02/04 12:0 a.m.6 views

PT-2026-6358

Impact On boot, Pillar checks for /config/GlobalConfig/global.json and overrides system configuration if present. This allows enabling debug functions like SSH debug.enable.ssh, USB keyboard debug.enable.usb, and VNC access app.allow.vnc without triggering the measured boot. Thus, a user with...

8.8CVSS5.3AI score0.00159EPSS
Exploits0References8
redhatcve
redhatcve
added 2026/01/09 9:0 a.m.6 views

CVE-2023-43633

On boot, the Pillar eve container checks for the existence and content of “/config/GlobalConfig/global.json”. If the file exists, it overrides the existing configuration on the device on boot. This allows an attacker to change the system’s configuration, which also includes some debug functions...

8.8CVSS6.8AI score0.00159EPSS
Exploits0References1
nessus
nessus
added 2025/09/04 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-22241

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - File contents overwrite the VirtKey class is called when on-demand pillar data is requested and uses un- validated input to create paths to the pki directory. T...

5.6CVSS6.3AI score0.00166EPSS
Exploits0References2
Rows per page
Query Builder